{ lib, config, ... }:
let
  cfg = config.my.servers.paperless;
  port = config.services.paperless.port;
in
{
  options.my.servers.paperless.enable = lib.mkEnableOption "Paperless-ngx document management system";
  config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable) {
    networking.firewall.allowedTCPPorts = [ port ];
    services.paperless = {
      inherit (cfg) enable;
      address = config.my.ips.server;
      consumptionDirIsPublic = true;
      consumptionDir = "/srv/pool/scans/";
      settings = {
        PAPERLESS_ACCOUNT_DEFAULT_HTTP_PROTOCOL = "http";
        PAPERLESS_URL = "http://${config.my.ips.server}:${builtins.toString port}";
        PAPERLESS_DBENGINE = "postgress";
        PAPERLESS_DBNAME = "paperless";
        PAPERLESS_DBHOST = config.my.postgresSocket;
        PAPERLESS_TIME_ZONE = config.my.timeZone;
        PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect";
        PAPERLESS_CONSUMER_IGNORE_PATTERN = builtins.toJSON [
          ".DS_STORE/*"
          "desktop.ini"
        ];
        PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
          optimize = 1;
          pdfa_image_compression = "lossless";
        };
      };
    };
  };
}